Sovereign Security Toolkit

Agent-Friendly Security Assessment Tools

Defensive security utilities reimagined for autonomous agents

Home Algorithms Demos Docs About

⚠️ Defensive Security Only

These tools are designed exclusively for defensive security assessment, rehearsal, and analysis. All tools support read-only/forensic modes, rate limiting, and ethical use. Not for offensive operations or malicious purposes.

Toolkit Overview

The Sovereign Security Toolkit is a collection of reimagined security assessment utilities designed to work seamlessly with Ai|oS meta-agents. Unlike traditional security tools, these are built with:

🤖 Agent-Friendly Behavior

Structured JSON output, programmatic interfaces, and predictable behavior for autonomous operation.

🛡️ Defensive Focus

Read-only modes, forensic safeguards, and ethical constraints built into every tool.

📊 Rich Telemetry

Comprehensive health checks, audit logging, and metadata for Ai|oS integration.

🎯 Production Ready

Error handling, rate limiting, concurrency controls, and enterprise-grade reliability.

The Tools

🌐

AuroraScan

Network Reconnaissance
Network Defensive Agent-Ready

Agent-friendly network reconnaissance tool for discovering hosts, services, and vulnerabilities with configurable profiles and rate limiting.

Key Features:
  • Configurable scan profiles (stealth, normal, aggressive)
  • Service detection and version fingerprinting
  • CVE vulnerability correlation
  • JSON/XML output for agents
  • Rate limiting and concurrency controls
  • GUI for interactive use
# Basic scan
python -m tools.aurorascan 192.168.0.0/24 --profile recon --json

# Advanced scan with GUI
python -m tools.aurorascan --gui

# From Ai|oS
AGENTA_SECURITY_TOOLS=AuroraScan python aios/aios -v boot
💉

CipherSpear

Database Injection Analysis
Database Read-Only Agent-Ready

Database security assessment tool that identifies injection vulnerabilities through static analysis and safe testing methodologies.

Key Features:
  • SQL injection pattern detection
  • NoSQL injection analysis
  • Read-only safe testing mode
  • Multiple database support (PostgreSQL, MySQL, MongoDB)
  • Remediation recommendations
  • Demo mode for training
# Analyze database
python -m tools.cipherspear --dsn postgresql://audit@localhost/app --json

# Demo mode (no real DB)
python -m tools.cipherspear --demo --json

# With GUI
python -m tools.cipherspear --gui
📡

SkyBreaker

Wireless Security Auditing
Wireless Defensive Agent-Ready

Wireless network security auditing tool for assessing WiFi configurations, encryption strength, and access point security.

Key Features:
  • WiFi network discovery and analysis
  • Encryption strength assessment (WEP, WPA, WPA2, WPA3)
  • Rogue access point detection
  • Signal strength mapping
  • Capture and analysis modes
  • Compliance checking
# Capture mode
python -m tools.skybreaker capture wlan0 --output capture.json

# Analysis mode
python -m tools.skybreaker analyze capture.json --json

# Live monitoring
python -m tools.skybreaker --gui
🔑

MythicKey

Credential Security Analysis
Credentials Static Analysis Agent-Ready

Credential strength analysis tool using deterministic pattern matching and entropy analysis - no live credential testing.

Key Features:
  • Password entropy analysis
  • Pattern detection (common passwords, keyboard walks)
  • Hash type identification
  • GPU-balanced profiles for large datasets
  • No live credential testing (defensive only)
  • Compliance checks (NIST, PCI-DSS)
# Analyze password list
python -m tools.mythickey --demo --profile gpu-balanced --json

# Check against policy
python -m tools.mythickey --policy nist --json

# Interactive analysis
python -m tools.mythickey --gui
📦

SpectraTrace

Packet Inspection
Network Passive Analysis Agent-Ready

Deep packet inspection tool for analyzing network traffic, detecting anomalies, and extracting metadata from captures.

Key Features:
  • Protocol analysis (HTTP, HTTPS, DNS, etc.)
  • Anomaly detection with ML
  • Traffic pattern analysis
  • Metadata extraction
  • Workflow automation (quick-scan, deep-dive)
  • PCAP file support
# Analyze capture
python -m tools.spectratrace --capture traces/demo.pcap --json

# Quick scan workflow
python -m tools.spectratrace --workflow quick-scan --json

# Interactive analysis
python -m tools.spectratrace --gui
🔐

NemesisHydra

Authentication Testing
Authentication Controlled Testing Agent-Ready

Authentication mechanism testing tool with strict rate limiting and lockout prevention for defensive security assessment.

Key Features:
  • Authentication flow analysis
  • Timing attack detection
  • Session management testing
  • Strict rate limiting (prevents lockouts)
  • Demo mode for training
  • OAuth/SAML support
# Demo mode (safe)
python -m tools.nemesishydra --demo --json

# Controlled testing
python -m tools.nemesishydra --target https://example.com/login \
  --max-attempts 3 --json

# Interactive testing
python -m tools.nemesishydra --gui
🛡️

ObsidianHunt

Host Hardening Audit
System Read-Only Agent-Ready

Host security configuration auditing tool that checks hardening status, compliance, and security best practices.

Key Features:
  • Security configuration checks
  • CIS benchmark compliance
  • Patch level assessment
  • Service hardening analysis
  • Cross-platform (Linux, macOS, Windows)
  • Remediation scripts
# Audit workstation
python -m tools.obsidianhunt --profile workstation --json

# Server audit
python -m tools.obsidianhunt --profile server --benchmark cis --json

# Interactive audit
python -m tools.obsidianhunt --gui
📡

VectorFlux

Payload Analysis & Staging
Analysis Research Tool Agent-Ready

Payload analysis and staging tool for understanding attack vectors, analyzing malware samples, and defensive research.

Key Features:
  • Payload format analysis
  • Obfuscation detection
  • Sandbox environment for testing
  • Module system for extensibility
  • Workspace management
  • Forensic analysis mode
# List modules
python -m tools.vectorflux --list-modules

# Analyze payload
python -m tools.vectorflux --workspace incident-23-071 \
  --module analyze-payload --json

# Forensic mode
python -m tools.vectorflux --forensic --json

Ai|oS Integration

All tools integrate seamlessly with Ai|oS meta-agents through the Security Agent. When configured, tools automatically run health checks and publish telemetry.

Environment Configuration

# Enable security suite
export AGENTA_SECURITY_SUITE=1

# Select specific tools
export AGENTA_SECURITY_TOOLS=AuroraScan,CipherSpear,SkyBreaker

# Set profile
export AGENTA_SECURITY_PROFILE=production

# Boot Ai|oS
python aios/aios --env AGENTA_SECURITY_SUITE=1 -v boot

Health Check System

Each tool provides a health_check() function that returns structured status: 

{
  "tool": "AuroraScan",
  "status": "ok",           // ok | warn | error
  "summary": "AuroraScan is operational",
  "details": {
    "version": "1.0.0",
    "last_run": "2025-10-13T10:30:00Z",
    "scans_completed": 42,
    "average_latency_ms": 250
  }
}

Security Agent Actions

# Check tool health
python aios/aios -v exec security.sovereign_suite

# Run specific tool
AGENTA_SECURITY_TOOLS=AuroraScan python aios/aios -v exec security.sovereign_suite

# Get telemetry
python aios/aios -v metadata

Why Agent-Friendly?

Traditional security tools are designed for human operators. Our toolkit is reimagined for autonomous agents:

Feature Traditional Tools Sovereign Toolkit
Output Format Human-readable text Structured JSON with schemas
Error Handling Crashes or cryptic errors Graceful degradation with context
State Management Interactive prompts Stateless, deterministic behavior
Rate Limiting Manual throttling Built-in, configurable limits
Telemetry Basic logs Rich metadata with timestamps
Forensic Mode Not available Read-only safeguards built-in
Health Checks Manual verification Automated with latency metrics
Integration Shell scripts Python API + Ai|oS native

Ethical Use Guidelines

Code of Conduct

The Sovereign Security Toolkit is designed exclusively for defensive security. By using these tools, you agree to:

  • Use tools only on systems you own or have explicit authorization to test
  • Respect rate limits and avoid causing service disruption
  • Not use for offensive operations or malicious purposes
  • Follow responsible disclosure for discovered vulnerabilities
  • Comply with all applicable laws and regulations
  • Use forensic modes in production environments

Built-In Safeguards

Forensic Mode

All tools support read-only operation that prevents system mutations while gathering intelligence.

Rate Limiting

Configurable rate limits prevent accidental service disruption and respect target system resources.

Audit Logging

All operations are logged with timestamps, targets, and results for accountability and compliance.

Authorization Checks

Tools require explicit configuration to operate, preventing accidental execution against unauthorized targets.

Get Started

Ready to enhance your security posture with agent-friendly tools? 

# Clone repository
git clone https://github.com/yourusername/aios.git
cd aios

# Install dependencies
pip install -r requirements.txt

# Run health checks
python -m tools.aurorascan --health-check

# Start with GUI
python -m tools.aurorascan --gui

See the documentation for detailed usage guides and API reference.

Security Support: support@aios.is | admin@aios.is